responses.rb
148 lines
| 4.4 KiB
| text/x-ruby
|
RubyLexer
Eric Davis
|
r2376 | module OpenID | ||
| class Consumer | ||||
| # Code returned when either the of the | ||||
| # OpenID::OpenIDConsumer.begin_auth or OpenID::OpenIDConsumer.complete_auth | ||||
| # methods return successfully. | ||||
| SUCCESS = :success | ||||
| # Code OpenID::OpenIDConsumer.complete_auth | ||||
| # returns when the value it received indicated an invalid login. | ||||
| FAILURE = :failure | ||||
| # Code returned by OpenIDConsumer.complete_auth when the user | ||||
| # cancels the operation from the server. | ||||
| CANCEL = :cancel | ||||
| # Code returned by OpenID::OpenIDConsumer.complete_auth when the | ||||
| # OpenIDConsumer instance is in immediate mode and ther server sends back a | ||||
| # URL for the user to login with. | ||||
| SETUP_NEEDED = :setup_needed | ||||
| module Response | ||||
| attr_reader :endpoint | ||||
| def status | ||||
| self.class::STATUS | ||||
| end | ||||
| # The identity URL that has been authenticated; the Claimed Identifier. | ||||
| # See also display_identifier. | ||||
| def identity_url | ||||
| @endpoint ? @endpoint.claimed_id : nil | ||||
| end | ||||
| # The display identifier is related to the Claimed Identifier, but the | ||||
| # two are not always identical. The display identifier is something the | ||||
| # user should recognize as what they entered, whereas the response's | ||||
| # claimed identifier (in the identity_url attribute) may have extra | ||||
| # information for better persistence. | ||||
| # | ||||
| # URLs will be stripped of their fragments for display. XRIs will | ||||
| # display the human-readable identifier (i-name) instead of the | ||||
| # persistent identifier (i-number). | ||||
| # | ||||
| # Use the display identifier in your user interface. Use identity_url | ||||
| # for querying your database or authorization server, or other | ||||
| # identifier equality comparisons. | ||||
| def display_identifier | ||||
| @endpoint ? @endpoint.display_identifier : nil | ||||
| end | ||||
| end | ||||
| # A successful acknowledgement from the OpenID server that the | ||||
| # supplied URL is, indeed controlled by the requesting agent. | ||||
| class SuccessResponse | ||||
| include Response | ||||
| STATUS = SUCCESS | ||||
| attr_reader :message, :signed_fields | ||||
| def initialize(endpoint, message, signed_fields) | ||||
| # Don't use :endpoint=, because endpoint should never be nil | ||||
| # for a successfull transaction. | ||||
| @endpoint = endpoint | ||||
| @identity_url = endpoint.claimed_id | ||||
| @message = message | ||||
| @signed_fields = signed_fields | ||||
| end | ||||
| # Was this authentication response an OpenID 1 authentication | ||||
| # response? | ||||
| def is_openid1 | ||||
| @message.is_openid1 | ||||
| end | ||||
| # Return whether a particular key is signed, regardless of its | ||||
| # namespace alias | ||||
| def signed?(ns_uri, ns_key) | ||||
| @signed_fields.member?(@message.get_key(ns_uri, ns_key)) | ||||
| end | ||||
| # Return the specified signed field if available, otherwise | ||||
| # return default | ||||
| def get_signed(ns_uri, ns_key, default=nil) | ||||
| if singed?(ns_uri, ns_key) | ||||
| return @message.get_arg(ns_uri, ns_key, default) | ||||
| else | ||||
| return default | ||||
| end | ||||
| end | ||||
| # Get signed arguments from the response message. Return a dict | ||||
| # of all arguments in the specified namespace. If any of the | ||||
| # arguments are not signed, return nil. | ||||
| def get_signed_ns(ns_uri) | ||||
| msg_args = @message.get_args(ns_uri) | ||||
| msg_args.each_key do |key| | ||||
| if !signed?(ns_uri, key) | ||||
| return nil | ||||
| end | ||||
| end | ||||
| return msg_args | ||||
| end | ||||
| # Return response arguments in the specified namespace. | ||||
| # If require_signed is true and the arguments are not signed, | ||||
| # return nil. | ||||
| def extension_response(namespace_uri, require_signed) | ||||
| if require_signed | ||||
| get_signed_ns(namespace_uri) | ||||
| else | ||||
| @message.get_args(namespace_uri) | ||||
| end | ||||
| end | ||||
| end | ||||
| class FailureResponse | ||||
| include Response | ||||
| STATUS = FAILURE | ||||
| attr_reader :message, :contact, :reference | ||||
| def initialize(endpoint, message, contact=nil, reference=nil) | ||||
| @endpoint = endpoint | ||||
| @message = message | ||||
| @contact = contact | ||||
| @reference = reference | ||||
| end | ||||
| end | ||||
| class CancelResponse | ||||
| include Response | ||||
| STATUS = CANCEL | ||||
| def initialize(endpoint) | ||||
| @endpoint = endpoint | ||||
| end | ||||
| end | ||||
| class SetupNeededResponse | ||||
| include Response | ||||
| STATUS = SETUP_NEEDED | ||||
| def initialize(endpoint, setup_url) | ||||
| @endpoint = endpoint | ||||
| @setup_url = setup_url | ||||
| end | ||||
| end | ||||
| end | ||||
| end | ||||